SignedCertificate (String function): Difference between revisions
m (add some items) |
m (SHA256 the new default) |
||
| Line 32: | Line 32: | ||
<tr><th><var>SignatureAlgorithm</var></th> | <tr><th><var>SignatureAlgorithm</var></th> | ||
<td>This optional, [[Notation conventions for methods#Named parameters|name required]], argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. Valid options are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>. | <td>This optional, [[Notation conventions for methods#Named parameters|name required]], argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. Valid options are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>. The default value is <var>SHA256</var> as of Model 204 7.7 (and zap maintenance for versions 7.6 and 7.5). | ||
<p class="note"><b>Note:</b> Although supported and | <p class="note"><b>Note:</b> Although supported and formerly the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr> | ||
</table> | </table> | ||
Revision as of 16:40, 30 March 2016
Sign a certificate request (String class)
[Requires Janus Network Security]
This page is under construction.
This callable method generates a signed SSL client certificate from a given certificate request and private key. It adds the lines of the signed certificate to the end of the object certificate-request and optionally to an output string variable.
Syntax
[%signedCert =] string:SignedCertificate( [PrivateKey=] string, - [[Signer=] string], - [[StartDate=] string], - [[EndDate=] string], - [[SerialNumber=] number], - [SignatureAlgorithm= digestAlgorithm]) Throws PKCSError
Syntax terms
| %signedCert | string |
|---|---|
| string | A string hat contains a base-64 encoded X.509 certificate request. |
| PrivateKey | This name allowed parameter is a Longstring that contains an RSA-generated private key. This value must be less than or equal to 2048 bits. |
| Signer | This optional, name allowed, argument is a string that contains the base-64 encoded CA (certifying authority) X.509 certificate. If not specified, ???????????????????, the certificate will be self-signed. |
| StartDate | This optional, name allowed, argument is a string that contains the Start date for the signed certificate (in YYMMDDHHMISS format). The default is today's date. |
| EndDate | This optional, name allowed, argument is a string that contains the End date for the signed certificate (in YYMMDDHHMISS format). The default is 24 hours from StartDate. |
| SerialNumber | This optional, name allowed, argument is a numeric value that is the Serial number for the signed certificate. The default is a number guaranteed to increase by 1 for every call and guaranteed to increase from run to run, unless there is an extreme amount of signing occurrences. |
| SignatureAlgorithm | This optional, name required, argument is a DigestAlgorithm enumeration value. Valid options are: MD5, SHA1, SHA256. The default value is SHA256 as of Model 204 7.7 (and zap maintenance for versions 7.6 and 7.5).
Note: Although supported and formerly the default, most modern browsers are deprecating SHA1. |
Usage notes
Examples
See also
String methods:
- CertificateRequest
- SignedCertificate
- DerToXmlDoc
- RSAPrivateKeyToXmlDoc
- X509CertificateToXmlDoc
- X509CrlToXmlDoc
- Multiple cryptographic cipher methods
Stringlist methods:
- AppendCertificateInfo
- AppendCertificateRequest
- AppendCertificateRequestInfo
- AppendClientCertificateRequest
- AppendEncryptedSecurityData
- AppendGeneratedPrivateKey
- AppendPemData
- AppendPrivateKeyInfo
- AppendSignedCertificate
- AppendSignedClientCertificate
- CheckCertificate
- CheckCertificateRequest
- PemToString
System methods:
Socket methods: